Trying to create crowdsourced intelligence for guidance

Internet – rights, privacy and transgressions

According to many net activists and cyber experts we are currently living in ‘golden period’ of internet where the amount of intrusion by govt is limited, internet remains free of sovereign control and this freedom is making people share their ideas, creativity like never before.

However there are dark clouds gathering on horizon of free net. This has been underlined by growing capability of govt, security agencies to hack into and listen, collate and analyze their citizens private lives. Hence revelations of Edward Snowden were startling for general public on the massive capability of the govt in creating apparatus to supervise and snoop on internet for the sake of national security.

A report on “Freedom on the Net”, released by Freedom House, the U.S.-based, government-funded organisation, points to the overall decline in internet freedom following a country-wise analysis of 65 nation-states. Freedom House’s reports in the past have been subjected to criticism for its perceived “bias” towards the U.S. and regimes friendly to it. But the “Freedom on the Net” report is fairly comprehensive in its categorisation of online freedom and curbs on it through different mechanisms adopted by nation-states.

As of today, the Internet is controlled predominantly by the U.S. Their technological and military concerns heavily influence Internet governance policy.

Unfortunately, the Brazil Netmundial convened in April, 2014, with the Internet Corporation for Assigned Names and Numbers (ICANN), following objections raised by [Brazilian] President Dilma Rousseff to the National Security Agency (NSA) spying on her government, only handed us a non-binding agreement on surveillance and privacy-related concerns.

Demand for an Internet bill of rights is growing loud.

This will have to lay out what Internet can and cannot do.

Key government actors must sign the agreement making it binding on them.

The main issue pertaining to technological dominance and thereby control of the network itself has to be challenged and a bill of rights must aim to address these concerns.

US dominance and challenges to the structure

Today, China and Russia are capable of challenging U.S. dominance. Despite being a strong commercial power, China has not deployed Internet technology across the world. The Chinese have good infrastructure but they use U.S. Domain Naming System, which is a basic component of the functioning of the Internet. One good thing is because they use the Chinese language for domain registration, it limits access to outsiders in some way.

India too is a big country. It helps that it is not an authoritarian country and has many languages. It should make the most of its regional languages, but with regard to technology itself, India has to tread more carefully in developing independent capabilities in this area.

As far as European countries are concerned, they are mostly allies of the U.S. and may not have a strong inclination to develop independent capabilities in this area. Africa again has potential; it can establish its own independent Internet network which will be patronised by its burgeoning middle classes.

Intrusion capability of govt and freedom of speech on net

Countries, irrespective of developed or developing status, are adopting more and more invasive means of censoring content, including techniques such as disruption of information networks and intrusive surveillance of the internet. These were self-evident from the revelations by the U.S. whistleblower Edward Snowden, who pointed to the expansive surveillance by the U.S. National Security Agency. While the revelations raised awareness about the use of dragnet surveillance by the world’s leading powers, they have not resulted in substantive curbs on the practice.

Legislation protecting digital privacy

The U.S. recently passed a law that provided some limits on call-records monitoring and added some checks on wire-tapping and other means of surveillance, but did not go far enough to curb the dragnet surveillance by the NSA. This has worldwide implications as the domain naming system and root servers are still largely controlled by agencies of the U.S. government. Fourteen of the 65 countries surveyed by Freedom House have passed laws to expand surveillance on their own citizens. UK has recently passed bill which allows its intelligence agencies to collect meta data of users browsing history and not entire history, and warrants needs to obtained for cyber searches from Home secretary. The government will not ban encryption, or require tech companies to build “back doors” into encrypted data: something presented as a concession in the bill, but which had in fact already been given up as either impossible or unsafe

Beyond surveillance, other forms of content takedowns and artificial “firewalls” have also hampered freedom of expression on the internet here Chinese govt rules the roost building one of the most sophisticated network of firewalls.

ICANN

ICANN is the Internet Corporation for Assigned Names and Numbers tasked with the responsibility for Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) top-level domain name system management, and root server system management functions. More generically, ICANN is responsible for managing the assignment of domain names and IP addresses.

ICANN’s structure is a unique mix of being a public nonprofit company registered as a 501(c) (3) charity and also referred to as a multistakeholder organization managed by an international Board of Directors, consisting of sixteen voting members and five non-voting liaisons. Three supporting organizations namely the Address Supporting Organization (ASO), Generic Names Supporting Organization (GNSO) and Country Code Names Supporting Organisation (ccNSO), each select two of the voting Board Members, the “nominating committee” selects eight directors, the at-large community selects one director and ICANN’s CEO also votes on its board.

Way forward

Developing independent networks will take time, but to address the issue of dominance in the immediate future we must first address the monopoly enjoyed by ICANN, which functions more or less as a proxy of the U.S. government.

The ICANN Domain Naming System (DNS) is operated by VeriSign, a U.S. government contractor.

Thus, traffic is monitored by the NSA, and the Federal Bureau of Investigation (FBI) can seize user sites or domains anywhere in the world if they are hosted by U.S. companies or subsidiaries.

ICANN needs to have an independent oversight body. The process for creating a new body could be primed by a coalition of states and other organisations placing one or several calls for proposals. Evaluation, shortlist, and hopefully selection, would follow.

S. government is adamant on controlling the ICANN DNS.

Thus, copies (mirrors) should be made available in other countries out of reach from the FBI. A German organisation Open Root Server Network is, at present, operating such a service. To make use of it, users have to modify the DNS addresses in their Internet access device. That is all, usage is free

“Internet governance” is too abstract for most people and governments to be interested in. The most crucial question is what kind of society do you want to live in? Should governments allow citizens to end up as guinea pigs for global Internet corporations? The revelations by NSA contractor Edward Snowden have proved beyond doubt that user data held by Internet companies today are subject to pervasive surveillance. Conducting these intrusive activities by controlling the core infrastructure of the Internet without obtaining the consent of citizen users is a big concern and should be debated in public. Therefore, debates about Internet governance are no longer alien; they involve all of us who are part of the network.

Indian Policy approach

In the arena of cyber security, India has already committed itself to bilaterals with countries like the US, UK, Australia and Japan, and seems to have a keen focus on beefing up cyber security to protect both its critical infrastructure as well as its IT industry and service sector. The same was revealed in last year’s National Cyber Security Policy 2013, which also aimed to train about 500,000 cyber security experts over the ensuing five years. However, India’s official policy towards cyber governance, on the other hand, has been difficult to read.

India is not comfortable with the current Western-dominated structure of internet governance, especially given the fact that the West seeks to encourage commercial interests by keeping the internet a free trade zone, while developing countries like India are still struggling with baser questions of access and inclusion.

India is keen to retain a system that is government-led and not market-led.

Members of the BRICS grouping are also in the same boat as India –they do not align themselves completely with the multistakeholder internet governance structures the West promotes.

China, quite famously, has strongly indicated that it believes in the internet being subject to its national law

China would look to build an international consensus on this idea, especially “defining cyberspace boundaries and rules of conduct

South Africa had also put its weight behind a government-led internet governance system in 2011, after an India-Brazil-South Africa (IBSA) meeting. This proposal, tabled by India at the UN, had signalled a move away from multi-stakeholder platforms like the ICANN and IGF to an UN-led system.

United Nations Committee for Internet Related Policies (CIRP) was to be a 50 member body –based on geographical representation –that would meet for two working weeks in Geneva to discuss internet issues, and would take inputs from Advisory Groups through the year.